US12088616B2ActiveUtilityA1

Deep cyber vulnerability mitigation system

90
Assignee: UNIV SOUTH FLORIDAPriority: Nov 6, 2020Filed: Nov 8, 2021Granted: Sep 10, 2024
Est. expiryNov 6, 2040(~14.3 yrs left)· nominal 20-yr term from priority
Inventors:Ankit Shah
G06N 3/09G06N 3/092G06N 3/094G06F 21/577H04L 41/16G06N 3/02G06N 7/01G06N 3/08H04L 63/107H04L 63/1433H04L 41/046H04L 41/145H04L 41/0894G06F 2221/034G06F 21/57
90
PatentIndex Score
2
Cited by
29
References
19
Claims

Abstract

A method, system, or apparatus for mitigating computer and network security deficiencies is provided in which, the method, system, or apparatus scans computer system components for finding a vulnerability, generates a Vulnerability Priority Scoring System (VPSS) score for the vulnerability based on the vulnerability, develops a vulnerability mitigation policy based on a system state comprising the VPSS score, wherein the vulnerability mitigation policy provides a best action for mitigating the vulnerability selected among one or more trained possible actions by a deep neural network, and performs the vulnerability mitigation policy based on the best action. Other aspects, embodiments, and features are also claimed and described.

Claims

exact text as granted — not AI-modified
What is claimed is: 
     
       1. A method for mitigating computer and network security deficiencies comprising:
 obtaining a vulnerability scan report for a vulnerability on a computer system component; 
 generating a Vulnerability Priority Scoring System (VPSS) score for the vulnerability based on the vulnerability scan report, wherein the VPSS score is generated by summing a plurality of values based on a qualitative response associated with at least one of factors: a relevance of a network segment in which the vulnerability is reported, a level of existing protection in the network segment, a number of high-value assets in the network segment, or a length of time of the vulnerability residing in the network segment; 
 developing a vulnerability mitigation policy based on a system state comprising the VPSS score, wherein the vulnerability mitigation policy provides a best action for mitigating the vulnerability selected among one or more trained possible actions by a deep reinforcement learning agent; and 
 performing the vulnerability mitigation policy based on the best action. 
 
     
     
       2. The method of  claim 1  further comprising:
 developing an adversary based on the system state for identifying a weakness in the vulnerability mitigation policy, wherein the adversary provides a best attaining action selected among one or more trained possible attaining actions by a deep reinforcement learning agent; and 
 updating the VPSS score based on the best attaining action. 
 
     
     
       3. The method of  claim 1 , wherein the computer system component comprises a software component and a hardware component. 
     
     
       4. The method of  claim 1 , wherein the plurality of values is further based on an qualitative response associated with a level of severity of the vulnerability. 
     
     
       5. The method of  claim 4 , wherein the VPSS score is generated using a machine learning model,
 wherein the at least one of the factors is used as training data to build and train the machine learning model. 
 
     
     
       6. The method of  claim 5 , wherein the machine learning model has a lowest mean squared error (MSE) among a plurality of machine learning models obtained based on the training data. 
     
     
       7. The method of  claim 4 , wherein a weight is assigned to each of the at least one of factors, and the weight is calibrated based on a feedback from the vulnerability mitigation policy. 
     
     
       8. The method of  claim 1 , wherein the best action is at least one of: a prescribed action for the vulnerability based on available security personnel or a preselected automated action. 
     
     
       9. The method of  claim 1 , wherein the system state further comprises at least one of: a location of high-value assets, a security personnel resource information, previously mitigated vulnerability information, and a feedback information. 
     
     
       10. A method for mitigating computer and network security deficiencies comprising:
 generating a vulnerability scan report for a vulnerability on a computer system component; 
 generating a Vulnerability Priority Scoring System (VPSS) score for the vulnerability based on the vulnerability scan report; 
 developing a vulnerability mitigation policy based on a system state comprising the VPSS score, wherein the vulnerability mitigation policy provides a best action for mitigating the vulnerability selected among one or more trained possible actions by a deep reinforcement learning agent; and 
 performing the vulnerability mitigation policy based on the best action; 
 developing an adversary, based on the system state, for identifying a weakness in the vulnerability mitigation policy, wherein the adversary provides a best attaining action selected among one or more trained possible attaining actions by the deep reinforcement learning agent; and 
 updating, using a processor, the vulnerability mitigation policy when the system state changes. 
 
     
     
       11. The method of  claim 10 , wherein the step of generating a vulnerability scan report is based on a National Vulnerability Database (NVD). 
     
     
       12. The method of  claim 10  further comprising:
 updating the VPSS score based on the best attaining action. 
 
     
     
       13. The method of  claim 10 , wherein the computer system component comprise a software component and a hardware component. 
     
     
       14. The method of  claim 10 , wherein the VPSS score is generated based on at least one of factors: a relevance of a network segment in which the vulnerability is reported, a level of existing protection in the network segment, a number of high-value assets in the network segment, a length of time of the vulnerability residing in the network segment, or a level of severity of the vulnerability. 
     
     
       15. The method of  claim 14 , wherein the VPSS score is generated using a machine learning model,
 wherein the at least one of the factors is used as training data to build and train the machine learning model. 
 
     
     
       16. The method of  claim 15 , wherein the machine learning model has a lowest mean squared error (MSE) among a plurality of machine learning models obtained based on the training data. 
     
     
       17. The method of  claim 14 , wherein a weight is assigned to each of the at least one of factors, and the weight is calibrated based on a feedback from the vulnerability mitigation policy. 
     
     
       18. The method of  claim 10 , wherein the best action is at least one of: a prescribed action for the vulnerability based on available security personnel or a preselected automated action. 
     
     
       19. The method of  claim 10 , wherein the system state further comprises at least one of: a location of high-value assets, a security personnel resource information, previously mitigated vulnerability information, and a feedback information.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.